New Features in version 7

  • Ransomware Shield—Extension of the Host-based Intrusion System (HIPS) built around an algorithm that analyzes running processes and their file-system activity. It runs automatically in the background; effective against file-less infections.
  • System-wide process exclusions—To improve backup speed and minimize interference with the backup process, all file operations that can be attributed to it will be ignored and considered safe. Cautious usage is recommended since an infected file could be accessed by the privileged backup process without triggering an alert. 
  • System-wide object exclusions based on hash checksum—ESET endpoint products can exclude a file from scanning using the hash checksum. The exclusion will apply only as long as the object remains unmodified to add an integrity check.
  • UEFI Scanner—Unified Extensible Firmware Interface (UEFI) scanner can scan the hidden partition and on-board flash chip for suspicious data or anomalies that would indicate a compromised system. ESET Endpoint Security and ESET Endpoint Antivirus check these boot areas during system startup and users can also inspect the UEFI partition during a regular On-demand scan by selecting the appropriate scan target.
  • Date/Time-based scheduling for Web Control/Device Control—Ability to schedule exactly when browsing specific content on the web is not desirable on company-owned devices.
  • Option for smaller product modules updates—Endpoints with this update channel enabled will receive potentially critical data for dedicated protection layers much faster. Update sizes vary around 1 kB or less.
  • Support for locally managed lists—Ability to keep individual whitelists and blacklists in addition to the central policy. Users will not have their personal lists overwritten and can keep them separate from central definitions. Includes lists from firewall rules, HIPS, IDS exceptions and known networks
  • Multi-language installer—There is now only installation package for all regions. It can automatically detect the locale and a user can also select the preferred language on the first screen.
  • Automatic product updates—Micro Product Component Update (PCU) updates individual product modules more frequently.
  • ESET Enterprise Inspector support—ESET endpoint products allow EEI to monitor and track the distribution of objects across a managed environment. EEI is not visible within the endpoint products and can only be managed with ERA or ESMC.
  • ESET Dynamic Threat Defense support–EDTD can conduct an advanced analysis on a suspicious file using ESET cloud services. ESET Endpoint products track the routing of suspicious objects to EDTD or LiveGrid which are tagged accordingly and viewable in the Detected threats log. Management of EDTD occurs in ESET Security Management Center and is not otherwise visible in endpoint products.
  • Compatible with ESET Security Management Center

New or improved features in version 6.6


  • Compatible with ESET Security Management Center
  • Initial scan improved
  • Native 64-bit scanning core. Reduces system footprint and allows for the fastest, most efficient scans. 
  • AMSI support
  • Protected service
  • DLL Modules
  • ESET Shared Local Cache: Improved performance in virtualized settings. The use of a shared local cache decreases scan times when using ESET Endpoint products with VMware or Hyper-V solutions.
  • Botnet Protection (EES only): Helps discover malware by analyzing network communication patterns and protocols.
  • Anti-Phishing: Protects you from attempts to acquire your password and other sensitive information by restricting access to malicious websites that impersonate legitimate ones.
  • Native 64-bit scanning: Further reduces system footprint and allows for the fastest, most efficient scans. 
  • Advanced scanning of browser scripts
  • New graphical interface: A high-resolution, touch-screen compatible interface with easy access to the features and tools you use most.
  • Command-line management interface allows for direct management of Endpoint without ESET Remote Administrator (RMM interface)
  • Users can now export scan logs in text format
  • Ability to select logging severity for firewall rules, HIPS rules and protocol filtering URL lists for user reporting events to ESET Remote Administrator
  • Notification is displayed when connecting to an unprotected WiFi network